- Date: Mon, 15 Mar 1999 09:18:24 +0100 (MET)
>The question here is are we required to accept email from
>any source on the net?
Whether or not to accept SMTP from a particular IP address (dialup or
other) is a purely local decision for end systems. It does, of course,
include the end users that may not get their mail, but nothing else.
Your equipment is yours and you decide who may connect to it. Period.
For an ISP, the number of affected end users with mailbox accounts may
be large and make this hard/impossible for pure business reasons.
Someone else said:
>We don't need this facility if the ISPs block outgoing traffic to the
>smtp-port except from their own servers.
Whether or not an ISP may filter/redirect SMTP traffic, in/out, is a
very different story. Usually ISPs claim to provide "plumbing" but
take no responsibilities for the content. Forcing email through the
ISP's outgoing mail server does away with this and opens up for
receivers to start legal activities against the ISP. Do you want that?
It also does away with the end-to-end principle that is actually part
of Internet success. I rent an *IP connection* from an ISP but I do
not trust him to handle my outgoing mail. My decision, not his.
If I decide not to connect directly to the recipients' hosts - maybe the
ISP's dialup is being blocked - I'll have to arrange for authorization
with someone to be my outgoing mail relay, "SMTP Auth" with my own
mailbox (POP) host comes to mind. I doubt "SMTP Auth" is a general
answer, but for exactly Mail Relay Auth with your own mailbox (POP)
host I think it is - all the things you need are already there, e.g.
mailbox and POP name and passwd.
If the idea is to get trustworthy logs, as opposed to Received: lines
from angry recipients, my suggestion is to use some transparent device
that keeps track of SMTP traffic, parses and logs the dialogue but
does not interfere with it. I think a Cisco PIX in 1:1 mode could be
configured to do exactly that.
Having seen UUNET completely ignore spam complaints for a *very*
long time I find it hard to believe that the lack of trustworthy
logs is even a minor part of the problem.
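
The passive SMTP logging suggested in the message above, sketched as an added example (not part of the original message, and not code for any particular device): it rebuilds the envelope from an observed dialogue and never stores message content. The capture format, the field names and all hosts and addresses are constructed; it assumes TCP reassembly has been done and that the client sends one command at a time (no pipelining).

```python
import re

# Constructed capture of one session ("C:" client, "S:" server); names are made up.
SAMPLE = """S: 220 mx.example.net ESMTP
C: EHLO dialup-17.example.org
S: 250-mx.example.net
S: 250 SIZE 1000000
C: MAIL FROM:<alice@example.org>
S: 250 OK
C: RCPT TO:<bob@example.net>
S: 250 OK
C: RCPT TO:<nobody@example.net>
S: 550 No such user
C: DATA
S: 354 Go ahead
C: MAIL FROM:<forged@example.com>
C: .
S: 250 Queued"""

ADDR = re.compile(r"(MAIL FROM|RCPT TO):\s*<([^>]*)>", re.I)

def log_session(client_ip, capture):
    """Reconstruct the envelope from an observed dialogue; content is never stored."""
    rec = {"client": client_ip, "helo": "", "from": "", "accepted": [],
           "rejected": [], "queued": False}
    pending, in_data = None, False
    for raw in capture.splitlines():
        side, line = raw[0], raw[3:]
        if side == "C" and in_data:
            if line == ".":                      # end of message content
                in_data, pending = False, ("EOD", "")
        elif side == "C":
            m = ADDR.match(line)
            verb, _, arg = line.partition(" ")
            pending = (m.group(1).upper(), m.group(2)) if m else (verb.upper(), arg)
        elif pending and line[:3].isdigit() and line[3:4] != "-":
            (kind, arg), pending = pending, None  # final reply line for the command
            ok = line[0] in "23"
            if kind in ("HELO", "EHLO"):
                rec["helo"] = arg
            elif kind == "MAIL FROM" and ok:
                rec["from"] = arg
            elif kind == "RCPT TO":
                rec["accepted" if ok else "rejected"].append(arg)
            elif kind == "DATA":
                in_data = line.startswith("354")
            elif kind == "EOD":
                rec["queued"] = ok
    return rec
```

The line inside the message body that looks like a MAIL FROM command is ignored, because the logger only treats client lines as commands outside the DATA phase.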